From owner-freebsd-security Tue Jul 2 14:40:21 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D368137C8F4 for ; Tue, 2 Jul 2002 14:39:34 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACB0943E39 for ; Tue, 2 Jul 2002 14:39:33 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 8CBE3534B; Tue, 2 Jul 2002 23:39:31 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Mikhail Teterin Cc: security@FreeBSD.org Subject: Re: two sshd processes per session? References: <200207021141.34021.mi+mx@aldan.algebra.com> From: Dag-Erling Smorgrav Date: 02 Jul 2002 23:39:30 +0200 In-Reply-To: <200207021141.34021.mi+mx@aldan.algebra.com> Message-ID: Lines: 13 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Mikhail Teterin writes: > With the privilege separation enabled, there are two sshd processes per > each session. If, however, I kill the [priv] one after logging in, the > session continues to work properly... Perhaps, the [priv] part should > exit by itself? I must be missing something... If you kill the monitor, you won't be able to do stuff like connect to forwarded ports etc., and your session might not be properly shut down after you disconnect. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message